6839 matches found

VulnCheck KEV
added 2021/06/17 12:0 a.m. | 2 views

VulnCheck KEV: CVE-2017-1000253

Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_binary() that allows a local attacker to escalate privileges...

CVSS 7.8 | AI score 7 | EPSS 0.57266
Exploits: 5 | References: 1

BDU FSTEC
added 2021/06/15 12:0 a.m. | 1 view

The vulnerability of the client’s executable file airhost.exe allows unauthorized access to protected information when conducting real-time audio and video conferences using Zoom Client for Meetings.

The vulnerability of the airhost.exe executable file used by clients for real-time audio and video conferencing with Zoom Client for Meetings is related to the rigid encoding of registration data when using the SHA-256 hashing algorithm. Exploiting this vulnerability can allow a malicious...

CVSS 7.5 | AI score 7.1 | EPSS 0.00166
Exploits: 1 | References: 5 | Affected Software: 1

OSV
added 2021/06/12 12:0 p.m. | 23 views

RUSTSEC-2021-0071 `grep-cli` may run arbitrary executables on Windows

On Windows in versions of grep-cli prior to 0.1.6, it's possible for some of the routines to execute arbitrary executables. In particular, a quirk of the Windows process execution API is that it will automatically consider the current directory before other directories when resolving relative...

CVSS 9.8 | AI score 8.7 | EPSS 0.00451
Exploits: 0 | References: 3

RustSec
added 2021/06/12 12:0 p.m. | 23 views

`grep-cli` may run arbitrary executables on Windows

On Windows in versions of grep-cli prior to 0.1.6, it's possible for some of the routines to execute arbitrary executables. In particular, a quirk of the Windows process execution API is that it will automatically consider the current directory before other directories when resolving relative...

CVSS 9.8 | AI score 3.5 | EPSS 0.00451
Exploits: 0 | Affected Software: 1

OSV
added 2021/06/11 4:15 p.m. | 2 views

CVE-2021-22755

A CWE-787: Out-of-bounds write vulnerability exists in IGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied data, when a malicious CGF file is imported to IGSS Definition...

CVSS 7.8 | AI score 7.7
Exploits: 0 | References: 1

OSV
added 2021/06/11 3:15 p.m. | 1 view

CVE-2021-25416

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area...

CVSS 6.5 | AI score 5.8 | EPSS 0.00036
Exploits: 0 | References: 1

Prion
added 2021/06/11 3:15 p.m. | 13 views

Improper access control

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area...

CVSS 2.1 | AI score 6.3 | EPSS 0.00036
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/06/11 2:33 p.m. | 15 views

CVE-2021-25416

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area...

AI score 6.5 | EPSS 0.00036
Exploits: 0 | References: 1

NVD
added 2021/06/10 11:15 a.m. | 10 views

CVE-2021-34539

An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution...

CVSS 7.2 | EPSS 0.00921
Exploits: 1 | References: 1

OSV
added 2021/06/10 11:15 a.m. | 1 view

CVE-2021-34539

An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution...

CVSS 7.2 | AI score 5.8
Exploits: 0 | References: 1

Prion
added 2021/06/10 11:15 a.m. | 15 views

Design/Logic Flaw

An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution...

CVSS 6.5 | AI score 7.2 | EPSS 0.00921
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/06/10 10:59 a.m. | 12 views

CVE-2021-34539

An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution...

AI score 7.4 | EPSS 0.00921
Exploits: 1 | References: 1

CNVD
added 2021/06/10 12:0 a.m. | 6 views

Vembu BDR Suite Command Injection Vulnerability

Vembu BDR Suite is a virtual machine management system. A command injection vulnerability exists in Vembu BDR Suite that arises from a network system or product that does not properly filter specific elements of externally entered data during the construction of an executable command. An attacker...

CVSS 10 | AI score 7.4 | EPSS 0.10709
Exploits: 0 | References: 1

OSV
added 2021/06/09 7:15 p.m. | 1 view

CVE-2020-27383

Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exists due to a weak set of permissions being granted to the "Authenticat...

CVSS 7.8 | AI score 7.1 | EPSS 0.00045
Exploits: 1 | References: 1

UbuntuCve
added 2021/06/09 12:15 p.m. | 39 views

CVE-2021-33829

A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...

CVSS 6.1 | AI score 6.7 | EPSS 0.65532
Exploits: 0 | References: 5

Debian CVE
added 2021/06/09 11:51 a.m. | 34 views

CVE-2021-33829

A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...

CVSS 6.1 | AI score 6 | EPSS 0.65532
Exploits: 0

OpenVAS
added 2021/06/09 12:0 a.m. | 18 views

SUSE: Security Advisory (SUSE-SU-2012:0623-1)

The remote host is missing an update for the...

CVSS 7.5 | AI score 7.8 | EPSS 0.08744
Exploits: 8 | References: 2

CNNVD
added 2021/06/09 12:0 a.m. | 2 views

Guild Wars 2 Security Vulnerability

Guild Wars 2 is a role-playing computer client game. A security vulnerability exists in Guild Wars 2 launcher version 106916, which stems from improper privilege control. An authenticated attacker can use this vulnerability to modify an existing executable file with a binary of his...

CVSS 7.8 | AI score 7.4 | EPSS 0.00045
Exploits: 1 | References: 1

OpenVAS
added 2021/06/09 12:0 a.m. | 28 views

SUSE: Security Advisory (SUSE-SU-2014:1473-1)

The remote host is missing an update for the...

CVSS 5 | AI score 9.6 | EPSS 0.08075
Exploits: 0 | References: 2

CNNVD
added 2021/06/08 12:0 a.m. | 3 views

Rockwell Automation ISaGRAF Security Vulnerability

Rockwell Automation ISaGRAF is an automation software technology for creating integrated automation solutions from Rockwell Automation. It is designed to be scalable and portable and is suitable for developing small controllers and large distributed automation systems. A security vulnerability...

CVSS 7.8 | AI score 5.8 | EPSS 0.00028
Exploits: 0 | References: 9